1syntax = "proto3"; 2 3package envoy.api.v2.core; 4 5import "envoy/api/v2/core/address.proto"; 6import "envoy/api/v2/core/backoff.proto"; 7import "envoy/api/v2/core/http_uri.proto"; 8import "envoy/type/percent.proto"; 9import "envoy/type/semantic_version.proto"; 10 11import "google/protobuf/any.proto"; 12import "google/protobuf/struct.proto"; 13import "google/protobuf/wrappers.proto"; 14 15import "udpa/annotations/migrate.proto"; 16import "udpa/annotations/status.proto"; 17import "validate/validate.proto"; 18 19import public "envoy/api/v2/core/socket_option.proto"; 20 21option java_package = "io.envoyproxy.envoy.api.v2.core"; 22option java_outer_classname = "BaseProto"; 23option java_multiple_files = true; 24option go_package = "github.com/envoyproxy/go-control-plane/envoy/api/v2/core"; 25option (udpa.annotations.file_migrate).move_to_package = "envoy.config.core.v3"; 26option (udpa.annotations.file_status).package_version_status = FROZEN; 27 28// [#protodoc-title: Common types] 29 30// Envoy supports :ref:`upstream priority routing 31// <arch_overview_http_routing_priority>` both at the route and the virtual 32// cluster level. The current priority implementation uses different connection 33// pool and circuit breaking settings for each priority level. This means that 34// even for HTTP/2 requests, two physical connections will be used to an 35// upstream host. In the future Envoy will likely support true HTTP/2 priority 36// over a single upstream connection. 37enum RoutingPriority { 38 DEFAULT = 0; 39 HIGH = 1; 40} 41 42// HTTP request method. 43enum RequestMethod { 44 METHOD_UNSPECIFIED = 0; 45 GET = 1; 46 HEAD = 2; 47 POST = 3; 48 PUT = 4; 49 DELETE = 5; 50 CONNECT = 6; 51 OPTIONS = 7; 52 TRACE = 8; 53 PATCH = 9; 54} 55 56// Identifies the direction of the traffic relative to the local Envoy. 57enum TrafficDirection { 58 // Default option is unspecified. 59 UNSPECIFIED = 0; 60 61 // The transport is used for incoming traffic. 62 INBOUND = 1; 63 64 // The transport is used for outgoing traffic. 65 OUTBOUND = 2; 66} 67 68// Identifies location of where either Envoy runs or where upstream hosts run. 69message Locality { 70 // Region this :ref:`zone <envoy_api_field_core.Locality.zone>` belongs to. 71 string region = 1; 72 73 // Defines the local service zone where Envoy is running. Though optional, it 74 // should be set if discovery service routing is used and the discovery 75 // service exposes :ref:`zone data <envoy_api_field_endpoint.LocalityLbEndpoints.locality>`, 76 // either in this message or via :option:`--service-zone`. The meaning of zone 77 // is context dependent, e.g. `Availability Zone (AZ) 78 // <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html>`_ 79 // on AWS, `Zone <https://cloud.google.com/compute/docs/regions-zones/>`_ on 80 // GCP, etc. 81 string zone = 2; 82 83 // When used for locality of upstream hosts, this field further splits zone 84 // into smaller chunks of sub-zones so they can be load balanced 85 // independently. 86 string sub_zone = 3; 87} 88 89// BuildVersion combines SemVer version of extension with free-form build information 90// (i.e. 'alpha', 'private-build') as a set of strings. 91message BuildVersion { 92 // SemVer version of extension. 93 type.SemanticVersion version = 1; 94 95 // Free-form build information. 96 // Envoy defines several well known keys in the source/common/version/version.h file 97 google.protobuf.Struct metadata = 2; 98} 99 100// Version and identification for an Envoy extension. 101// [#next-free-field: 6] 102message Extension { 103 // This is the name of the Envoy filter as specified in the Envoy 104 // configuration, e.g. envoy.filters.http.router, com.acme.widget. 105 string name = 1; 106 107 // Category of the extension. 108 // Extension category names use reverse DNS notation. For instance "envoy.filters.listener" 109 // for Envoy's built-in listener filters or "com.acme.filters.http" for HTTP filters from 110 // acme.com vendor. 111 // [#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.] 112 string category = 2; 113 114 // [#not-implemented-hide:] Type descriptor of extension configuration proto. 115 // [#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.] 116 // [#comment:TODO(yanavlasov): Add tests when PR #9391 lands.] 117 string type_descriptor = 3; 118 119 // The version is a property of the extension and maintained independently 120 // of other extensions and the Envoy API. 121 // This field is not set when extension did not provide version information. 122 BuildVersion version = 4; 123 124 // Indicates that the extension is present but was disabled via dynamic configuration. 125 bool disabled = 5; 126} 127 128// Identifies a specific Envoy instance. The node identifier is presented to the 129// management server, which may use this identifier to distinguish per Envoy 130// configuration for serving. 131// [#next-free-field: 12] 132message Node { 133 // An opaque node identifier for the Envoy node. This also provides the local 134 // service node name. It should be set if any of the following features are 135 // used: :ref:`statsd <arch_overview_statistics>`, :ref:`CDS 136 // <config_cluster_manager_cds>`, and :ref:`HTTP tracing 137 // <arch_overview_tracing>`, either in this message or via 138 // :option:`--service-node`. 139 string id = 1; 140 141 // Defines the local service cluster name where Envoy is running. Though 142 // optional, it should be set if any of the following features are used: 143 // :ref:`statsd <arch_overview_statistics>`, :ref:`health check cluster 144 // verification 145 // <envoy_api_field_core.HealthCheck.HttpHealthCheck.service_name_matcher>`, 146 // :ref:`runtime override directory <envoy_api_msg_config.bootstrap.v2.Runtime>`, 147 // :ref:`user agent addition 148 // <envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.add_user_agent>`, 149 // :ref:`HTTP global rate limiting <config_http_filters_rate_limit>`, 150 // :ref:`CDS <config_cluster_manager_cds>`, and :ref:`HTTP tracing 151 // <arch_overview_tracing>`, either in this message or via 152 // :option:`--service-cluster`. 153 string cluster = 2; 154 155 // Opaque metadata extending the node identifier. Envoy will pass this 156 // directly to the management server. 157 google.protobuf.Struct metadata = 3; 158 159 // Locality specifying where the Envoy instance is running. 160 Locality locality = 4; 161 162 // This is motivated by informing a management server during canary which 163 // version of Envoy is being tested in a heterogeneous fleet. This will be set 164 // by Envoy in management server RPCs. 165 // This field is deprecated in favor of the user_agent_name and user_agent_version values. 166 string build_version = 5 [deprecated = true]; 167 168 // Free-form string that identifies the entity requesting config. 169 // E.g. "envoy" or "grpc" 170 string user_agent_name = 6; 171 172 oneof user_agent_version_type { 173 // Free-form string that identifies the version of the entity requesting config. 174 // E.g. "1.12.2" or "abcd1234", or "SpecialEnvoyBuild" 175 string user_agent_version = 7; 176 177 // Structured version of the entity requesting config. 178 BuildVersion user_agent_build_version = 8; 179 } 180 181 // List of extensions and their versions supported by the node. 182 repeated Extension extensions = 9; 183 184 // Client feature support list. These are well known features described 185 // in the Envoy API repository for a given major version of an API. Client features 186 // use reverse DNS naming scheme, for example `com.acme.feature`. 187 // See :ref:`the list of features <client_features>` that xDS client may 188 // support. 189 repeated string client_features = 10; 190 191 // Known listening ports on the node as a generic hint to the management server 192 // for filtering :ref:`listeners <config_listeners>` to be returned. For example, 193 // if there is a listener bound to port 80, the list can optionally contain the 194 // SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint. 195 repeated Address listening_addresses = 11; 196} 197 198// Metadata provides additional inputs to filters based on matched listeners, 199// filter chains, routes and endpoints. It is structured as a map, usually from 200// filter name (in reverse DNS format) to metadata specific to the filter. Metadata 201// key-values for a filter are merged as connection and request handling occurs, 202// with later values for the same key overriding earlier values. 203// 204// An example use of metadata is providing additional values to 205// http_connection_manager in the envoy.http_connection_manager.access_log 206// namespace. 207// 208// Another example use of metadata is to per service config info in cluster metadata, which may get 209// consumed by multiple filters. 210// 211// For load balancing, Metadata provides a means to subset cluster endpoints. 212// Endpoints have a Metadata object associated and routes contain a Metadata 213// object to match against. There are some well defined metadata used today for 214// this purpose: 215// 216// * ``{"envoy.lb": {"canary": <bool> }}`` This indicates the canary status of an 217// endpoint and is also used during header processing 218// (x-envoy-upstream-canary) and for stats purposes. 219// [#next-major-version: move to type/metadata/v2] 220message Metadata { 221 // Key is the reverse DNS filter name, e.g. com.acme.widget. The envoy.* 222 // namespace is reserved for Envoy's built-in filters. 223 map<string, google.protobuf.Struct> filter_metadata = 1; 224} 225 226// Runtime derived uint32 with a default when not specified. 227message RuntimeUInt32 { 228 // Default value if runtime value is not available. 229 uint32 default_value = 2; 230 231 // Runtime key to get value for comparison. This value is used if defined. 232 string runtime_key = 3 [(validate.rules).string = {min_bytes: 1}]; 233} 234 235// Runtime derived double with a default when not specified. 236message RuntimeDouble { 237 // Default value if runtime value is not available. 238 double default_value = 1; 239 240 // Runtime key to get value for comparison. This value is used if defined. 241 string runtime_key = 2 [(validate.rules).string = {min_bytes: 1}]; 242} 243 244// Runtime derived bool with a default when not specified. 245message RuntimeFeatureFlag { 246 // Default value if runtime value is not available. 247 google.protobuf.BoolValue default_value = 1 [(validate.rules).message = {required: true}]; 248 249 // Runtime key to get value for comparison. This value is used if defined. The boolean value must 250 // be represented via its 251 // `canonical JSON encoding <https://developers.google.com/protocol-buffers/docs/proto3#json>`_. 252 string runtime_key = 2 [(validate.rules).string = {min_bytes: 1}]; 253} 254 255// Header name/value pair. 256message HeaderValue { 257 // Header name. 258 string key = 1 259 [(validate.rules).string = 260 {min_bytes: 1 max_bytes: 16384 well_known_regex: HTTP_HEADER_NAME strict: false}]; 261 262 // Header value. 263 // 264 // The same :ref:`format specifier <config_access_log_format>` as used for 265 // :ref:`HTTP access logging <config_access_log>` applies here, however 266 // unknown header values are replaced with the empty string instead of `-`. 267 string value = 2 [ 268 (validate.rules).string = {max_bytes: 16384 well_known_regex: HTTP_HEADER_VALUE strict: false} 269 ]; 270} 271 272// Header name/value pair plus option to control append behavior. 273message HeaderValueOption { 274 // Header name/value pair that this option applies to. 275 HeaderValue header = 1 [(validate.rules).message = {required: true}]; 276 277 // Should the value be appended? If true (default), the value is appended to 278 // existing values. 279 google.protobuf.BoolValue append = 2; 280} 281 282// Wrapper for a set of headers. 283message HeaderMap { 284 repeated HeaderValue headers = 1; 285} 286 287// Data source consisting of either a file or an inline value. 288message DataSource { 289 oneof specifier { 290 option (validate.required) = true; 291 292 // Local filesystem data source. 293 string filename = 1 [(validate.rules).string = {min_bytes: 1}]; 294 295 // Bytes inlined in the configuration. 296 bytes inline_bytes = 2 [(validate.rules).bytes = {min_len: 1}]; 297 298 // String inlined in the configuration. 299 string inline_string = 3 [(validate.rules).string = {min_bytes: 1}]; 300 } 301} 302 303// The message specifies the retry policy of remote data source when fetching fails. 304message RetryPolicy { 305 // Specifies parameters that control :ref:`retry backoff strategy <envoy_api_msg_core.BackoffStrategy>`. 306 // This parameter is optional, in which case the default base interval is 1000 milliseconds. The 307 // default maximum interval is 10 times the base interval. 308 BackoffStrategy retry_back_off = 1; 309 310 // Specifies the allowed number of retries. This parameter is optional and 311 // defaults to 1. 312 google.protobuf.UInt32Value num_retries = 2; 313} 314 315// The message specifies how to fetch data from remote and how to verify it. 316message RemoteDataSource { 317 // The HTTP URI to fetch the remote data. 318 HttpUri http_uri = 1 [(validate.rules).message = {required: true}]; 319 320 // SHA256 string for verifying data. 321 string sha256 = 2 [(validate.rules).string = {min_bytes: 1}]; 322 323 // Retry policy for fetching remote data. 324 RetryPolicy retry_policy = 3; 325} 326 327// Async data source which support async data fetch. 328message AsyncDataSource { 329 oneof specifier { 330 option (validate.required) = true; 331 332 // Local async data source. 333 DataSource local = 1; 334 335 // Remote async data source. 336 RemoteDataSource remote = 2; 337 } 338} 339 340// Configuration for transport socket in :ref:`listeners <config_listeners>` and 341// :ref:`clusters <envoy_api_msg_Cluster>`. If the configuration is 342// empty, a default transport socket implementation and configuration will be 343// chosen based on the platform and existence of tls_context. 344message TransportSocket { 345 // The name of the transport socket to instantiate. The name must match a supported transport 346 // socket implementation. 347 string name = 1 [(validate.rules).string = {min_bytes: 1}]; 348 349 // Implementation specific configuration which depends on the implementation being instantiated. 350 // See the supported transport socket implementations for further documentation. 351 oneof config_type { 352 google.protobuf.Struct config = 2 [deprecated = true]; 353 354 google.protobuf.Any typed_config = 3; 355 } 356} 357 358// Runtime derived FractionalPercent with defaults for when the numerator or denominator is not 359// specified via a runtime key. 360// 361// .. note:: 362// 363// Parsing of the runtime key's data is implemented such that it may be represented as a 364// :ref:`FractionalPercent <envoy_api_msg_type.FractionalPercent>` proto represented as JSON/YAML 365// and may also be represented as an integer with the assumption that the value is an integral 366// percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse 367// as a `FractionalPercent` whose numerator is 42 and denominator is HUNDRED. 368message RuntimeFractionalPercent { 369 // Default value if the runtime value's for the numerator/denominator keys are not available. 370 type.FractionalPercent default_value = 1 [(validate.rules).message = {required: true}]; 371 372 // Runtime key for a YAML representation of a FractionalPercent. 373 string runtime_key = 2; 374} 375 376// Identifies a specific ControlPlane instance that Envoy is connected to. 377message ControlPlane { 378 // An opaque control plane identifier that uniquely identifies an instance 379 // of control plane. This can be used to identify which control plane instance, 380 // the Envoy is connected to. 381 string identifier = 1; 382} 383